From ba638f40cfc1c7677c93f06aec70134eb0fd7066 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Thu, 4 Oct 2018 05:55:02 +1000 Subject: [PATCH] ps-lint: ignore rules that are not relevant to Ansible (#46376) --- .../modules/windows/win_chocolatey.ps1 | 9 ------- .../modules/windows/win_chocolatey_source.ps1 | 2 -- lib/ansible/modules/windows/win_user.ps1 | 2 -- test/sanity/pslint/ignore.txt | 26 ------------------- test/sanity/pslint/settings.psd1 | 9 ++++++- 5 files changed, 8 insertions(+), 40 deletions(-) diff --git a/lib/ansible/modules/windows/win_chocolatey.ps1 b/lib/ansible/modules/windows/win_chocolatey.ps1 index 6a087f1262b..b034ac3cb5c 100644 --- a/lib/ansible/modules/windows/win_chocolatey.ps1 +++ b/lib/ansible/modules/windows/win_chocolatey.ps1 @@ -71,8 +71,6 @@ Function Get-CommonChocolateyArguments { } Function Get-InstallChocolateyArguments { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the cmdline, also using a SecureString here doesn't make sense considering the source is not secure")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] param( [bool]$allow_downgrade, [bool]$allow_empty_checksums, @@ -165,9 +163,6 @@ Function Get-InstallChocolateyArguments { } Function Install-Chocolatey { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the env vars, also using a SecureString here doesn't make sense considering the source is not secure")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "", Justification="See above")] param( [String]$proxy_url, [String]$proxy_username, @@ -317,8 +312,6 @@ Function Get-ChocolateyPackageVersion { } Function Update-ChocolateyPackage { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the cmdline, also using a SecureString here doesn't make sense considering the source is not secure")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] param( [Parameter(Mandatory=$true)][String]$choco_path, [Parameter(Mandatory=$true)][String[]]$packages, @@ -378,8 +371,6 @@ Function Update-ChocolateyPackage { } Function Install-ChocolateyPackage { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the cmdline, also using a SecureString here doesn't make sense considering the source is not secure")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] param( [Parameter(Mandatory=$true)][String]$choco_path, [Parameter(Mandatory=$true)][String[]]$packages, diff --git a/lib/ansible/modules/windows/win_chocolatey_source.ps1 b/lib/ansible/modules/windows/win_chocolatey_source.ps1 index 4795373ecab..043c2fcc7ec 100644 --- a/lib/ansible/modules/windows/win_chocolatey_source.ps1 +++ b/lib/ansible/modules/windows/win_chocolatey_source.ps1 @@ -109,8 +109,6 @@ Function Get-ChocolateySources { } Function New-ChocolateySource { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the cmdline, also using a SecureString here doesn't make sense considering the source is not secure")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] param( $choco_app, $name, diff --git a/lib/ansible/modules/windows/win_user.ps1 b/lib/ansible/modules/windows/win_user.ps1 index 715861e923c..1809cf25f2e 100644 --- a/lib/ansible/modules/windows/win_user.ps1 +++ b/lib/ansible/modules/windows/win_user.ps1 @@ -41,8 +41,6 @@ function Get-Group($grp) { } Function Test-LocalCredential { - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPassWordParams", "", Justification="We need to use the plaintext pass in the Win32 call, also the source isn't a secure string to using that is just a waste of time/code")] - [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "", Justification="See above")] param([String]$Username, [String]$Password) $platform_util = @' diff --git a/test/sanity/pslint/ignore.txt b/test/sanity/pslint/ignore.txt index a5e42189878..ed85522a774 100644 --- a/test/sanity/pslint/ignore.txt +++ b/test/sanity/pslint/ignore.txt @@ -1,5 +1,4 @@ examples/scripts/ConfigureRemotingForAnsible.ps1 PSAvoidUsingCmdletAliases -examples/scripts/ConfigureRemotingForAnsible.ps1 PSUseBOMForUnicodeEncodedFile examples/scripts/upgrade_to_ps3.ps1 PSAvoidUsingWriteHost examples/scripts/upgrade_to_ps3.ps1 PSUseApprovedVerbs lib/ansible/module_utils/powershell/Ansible.ModuleUtils.ArgvParser.psm1 PSUseApprovedVerbs @@ -11,7 +10,6 @@ lib/ansible/module_utils/powershell/Ansible.ModuleUtils.LinkUtil.psm1 PSUseAppro lib/ansible/modules/windows/setup.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/setup.ps1 PSAvoidUsingEmptyCatchBlock lib/ansible/modules/windows/setup.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_certificate_store.ps1 PSAvoidUsingPlainTextForPassword lib/ansible/modules/windows/win_copy.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_copy.ps1 PSUseDeclaredVarsMoreThanAssignments lib/ansible/modules/windows/win_dns_client.ps1 PSAvoidGlobalVars @@ -19,28 +17,18 @@ lib/ansible/modules/windows/win_dns_client.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_dns_client.ps1 PSAvoidUsingWMICmdlet lib/ansible/modules/windows/win_dns_client.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_dns_client.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_domain.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_domain.ps1 PSAvoidUsingEmptyCatchBlock lib/ansible/modules/windows/win_domain.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_domain.ps1 PSUseDeclaredVarsMoreThanAssignments lib/ansible/modules/windows/win_domain_controller.ps1 PSAvoidGlobalVars -lib/ansible/modules/windows/win_domain_controller.ps1 PSAvoidUsingConvertToSecureStringWithPlainText -lib/ansible/modules/windows/win_domain_controller.ps1 PSAvoidUsingPlainTextForPassword -lib/ansible/modules/windows/win_domain_controller.ps1 PSAvoidUsingUserNameAndPassWordParams lib/ansible/modules/windows/win_domain_controller.ps1 PSAvoidUsingWMICmdlet lib/ansible/modules/windows/win_domain_controller.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_domain_controller.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_domain_group.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_domain_membership.ps1 PSAvoidGlobalVars -lib/ansible/modules/windows/win_domain_membership.ps1 PSAvoidUsingConvertToSecureStringWithPlainText -lib/ansible/modules/windows/win_domain_membership.ps1 PSAvoidUsingPlainTextForPassword -lib/ansible/modules/windows/win_domain_membership.ps1 PSAvoidUsingUserNameAndPassWordParams lib/ansible/modules/windows/win_domain_membership.ps1 PSAvoidUsingWMICmdlet lib/ansible/modules/windows/win_domain_membership.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_domain_membership.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_domain_user.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_dsc.ps1 PSAvoidUsingCmdletAliases -lib/ansible/modules/windows/win_dsc.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_dsc.ps1 PSAvoidUsingEmptyCatchBlock lib/ansible/modules/windows/win_dsc.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_eventlog.ps1 PSUseDeclaredVarsMoreThanAssignments @@ -48,27 +36,16 @@ lib/ansible/modules/windows/win_find.ps1 PSAvoidUsingEmptyCatchBlock lib/ansible/modules/windows/win_find.ps1 PSAvoidUsingWMICmdlet lib/ansible/modules/windows/win_firewall_rule.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_firewall_rule.ps1 PSUseApprovedVerbs -lib/ansible/modules/windows/win_get_url.ps1 PSAvoidUsingPlainTextForPassword lib/ansible/modules/windows/win_get_url.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_get_url.ps1 PSUseSupportsShouldProcess lib/ansible/modules/windows/win_hotfix.ps1 PSUseApprovedVerbs -lib/ansible/modules/windows/win_iis_virtualdirectory.ps1 PSUseBOMForUnicodeEncodedFile -lib/ansible/modules/windows/win_iis_webapplication.ps1 PSUseBOMForUnicodeEncodedFile -lib/ansible/modules/windows/win_iis_webapppool.ps1 PSUseBOMForUnicodeEncodedFile lib/ansible/modules/windows/win_iis_webbinding.ps1 PSUseApprovedVerbs -lib/ansible/modules/windows/win_iis_webbinding.ps1 PSUseBOMForUnicodeEncodedFile lib/ansible/modules/windows/win_iis_website.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_iis_website.ps1 PSAvoidUsingPositionalParameters -lib/ansible/modules/windows/win_iis_website.ps1 PSUseBOMForUnicodeEncodedFile lib/ansible/modules/windows/win_iis_website.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_mapped_drive.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_nssm.ps1 PSAvoidUsingCmdletAliases -lib/ansible/modules/windows/win_nssm.ps1 PSAvoidUsingPlainTextForPassword -lib/ansible/modules/windows/win_nssm.ps1 PSAvoidUsingUserNameAndPassWordParams lib/ansible/modules/windows/win_nssm.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_nssm.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_package.ps1 PSAvoidUsingConvertToSecureStringWithPlainText -lib/ansible/modules/windows/win_package.ps1 PSAvoidUsingPlainTextForPassword lib/ansible/modules/windows/win_package.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_package.ps1 PSUsePSCredentialType lib/ansible/modules/windows/win_pagefile.ps1 PSAvoidUsingCmdletAliases @@ -86,15 +63,12 @@ lib/ansible/modules/windows/win_scheduled_task_stat.ps1 PSAvoidUsingCmdletAliase lib/ansible/modules/windows/win_scheduled_task_stat.ps1 PSUseDeclaredVarsMoreThanAssignments lib/ansible/modules/windows/win_security_policy.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_security_policy.ps1 PSUseDeclaredVarsMoreThanAssignments -lib/ansible/modules/windows/win_service.ps1 PSAvoidUsingPlainTextForPassword -lib/ansible/modules/windows/win_service.ps1 PSAvoidUsingUserNameAndPassWordParams lib/ansible/modules/windows/win_shell.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_shell.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_stat.ps1 PSAvoidUsingWMICmdlet lib/ansible/modules/windows/win_stat.ps1 PSUseApprovedVerbs lib/ansible/modules/windows/win_unzip.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_unzip.ps1 PSUseApprovedVerbs -lib/ansible/modules/windows/win_uri.ps1 PSAvoidUsingConvertToSecureStringWithPlainText lib/ansible/modules/windows/win_uri.ps1 PSAvoidUsingEmptyCatchBlock lib/ansible/modules/windows/win_user.ps1 PSAvoidUsingCmdletAliases lib/ansible/modules/windows/win_wait_for.ps1 PSAvoidUsingEmptyCatchBlock diff --git a/test/sanity/pslint/settings.psd1 b/test/sanity/pslint/settings.psd1 index 7c8529f291c..f4de7c09fea 100644 --- a/test/sanity/pslint/settings.psd1 +++ b/test/sanity/pslint/settings.psd1 @@ -2,6 +2,13 @@ ExcludeRules=@( 'PSPossibleIncorrectComparisonWithNull', 'PSUseOutputTypeCorrectly', - 'PSUseShouldProcessForStateChangingFunctions' + 'PSUseShouldProcessForStateChangingFunctions', + # We send strings as plaintext so will always come across the 3 issues + 'PSAvoidUsingPlainTextForPassword', + 'PSAvoidUsingConvertToSecureStringWithPlainText', + 'PSAvoidUsingUserNameAndPassWordParams', + # We send the module as a base64 encoded string and a BOM will cause + # issues here + 'PSUseBOMForUnicodeEncodedFile' ) }